CPhulk Questions (Urgent)

[DreamPhysix]

I moved my cPanel installation to a VPS and am getting a lot of brute force attacks. I had root login notifications enabled for a little while and got emails about root login from ip <blank> under PAM authentication with username system. My concern about this is that the IP address is not provided. What does this mean? I get this email a lot, even when I'm not messing with cPanel or logging in. Additionally, I would like suggestions on what cphulk settings to use. Here's what I currently have:

Thanks in advance,

 

[Infopro]

Do you see the IP in the History Report? I suggest you enable the two check boxes at bottom you've got unchecked. Also be sure you've got your own IP whitelisted.

 

[DreamPhysix]

Do you see the IP in the History Report? I suggest you enable the two check boxes at bottom you've got unchecked. Also be sure you've got your own IP whitelisted.

Where is the history report?

 

[Infopro]

Last tab in your picture.

 

[DreamPhysix]

Last tab in your picture.

I thought that only showed failed logins. These are for successful ones:

Root was logged into pam using following authentication service: system

 

[Infopro]

There is a similar but very old thread here:
http://forums.cpanel.net/f5/cphulkd-not-showing-intruders-ip-102609.html

It was suggested several times there to put in a ticket to cPanel support, you might wish to take that same route on this one.